Posts Tagged ‘
WordPress security ’

The Problem I’ve noticed a good percentage of WordPress sites are brochure ware, and rarely have any updated content. Site owners struggle over an extended period to keep their site secure. Keeping WordPress updated, plugins updated, theme updated. Auto updates have helped a lot with this recently. Keeping everything updated doesn’t guarantee you won’t get hacked […]

Most WordPress hacks contain certain php code. It’s always better to catch the hack as soon as you can. Before customers start to ring, before the hack spreads and causes worse problems. Following is a bash script that you can use to find potential hacked WordPress accounts. if find /home/ -mtime -1 -type f […]

This is an example website request that can hack open your WordPress website in a nano second. The theme used above (mTheme-Unus) has some poor code. And the hacker can send the carefully crafted URL to download your wp-config.php (which contains your passwords). This is why you need to keep your WordPress plugins and themes […]

You need to protect your WordPress website from hackers. One way the hackers get in is by password guessing. They are very good at it, and even if they don’t hack your WordPress web site – they steal away performance from real people trying to use your web site. Common mistakes: relying on WordFence plugin. […]

So you managed to get your WordPress site hacked, here is a few options: recover a backup from before the hack occured export posts/pages, create a new WordPress install, add the plugins from wordpress.org, add your theme from somewhere clean, import pages/posts. This is a big job, and best done by someone who works everyday […]

So you have https enabled on your site, or you’re thinking about it. If you are selling stuff – obviously https is a must have. But if your WordPress site is largely marketing – there is the promise of better google SEO rankings for https sites, so more folk are moving to HTTPS. Before you […]

Everyone is always trying to stop hackers, with WordPress plugins, or 3rd party services – and the hacks still get in (and plugins are a hassle to maintain). Have you ever noticed your WordPress only got hacked when you weren’t watching ? How did they get in anyway ? And how did they write all those hacked […]

I’ve written about this before, but I have new ideas, but I’ll start with a short recap. WordPress needs to be able write to the FileSystem for things like updates, new plugins, caching. But , for a large proportion of web requests, WordPress really only needs read-only access to the filesystem. (more detail here). What […]

Your trying to get your WordPress site secure. You’ve done the basics, like get a certificate, and enable https on your web server. But the darn lock icon just won’t come up. It looks something like this Then , what’s worse, some browser work with the lock icon, some don’t, some won’t even display the […]

At wpDone we’ve come up with a solution to help those with slow WordPress websites, with smallish WordPress hosting setups. This is a real GAME CHANGER. No need to change your hosting provider. No need to install a plugin. If you have shared web hosting, reseller web hosting, or struggling with too many options for […]